Re: [PATCH v9 00/12] Support for hardware-wrapped inline encryption keys


 



On Mon, Dec 9, 2024 at 9:55 PM Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
>
> On Mon, Dec 09, 2024 at 02:35:29PM -0600, Bartosz Golaszewski wrote:
> > On Mon, 9 Dec 2024 21:15:16 +0100, Eric Biggers <ebiggers@xxxxxxxxxx> said:
> > > On Mon, Dec 09, 2024 at 04:00:18PM +0100, Bartosz Golaszewski wrote:
> > >>
> > >> I haven't gotten to the bottom of this yet but the
> > >> FS_IOC_ADD_ENCRYPTION_KEY ioctl doesn't work due to the SCM call
> > >> returning EINVAL. Just FYI. I'm still figuring out what's wrong.
> > >>
> > >> Bart
> > >>
> > >
> > > Can you try the following?
> > >
> > > diff --git a/drivers/firmware/qcom/qcom_scm.c b/drivers/firmware/qcom/qcom_scm.c
> > > index 180220d663f8b..36f3ddcb90207 100644
> > > --- a/drivers/firmware/qcom/qcom_scm.c
> > > +++ b/drivers/firmware/qcom/qcom_scm.c
> > > @@ -1330,11 +1330,11 @@ int qcom_scm_derive_sw_secret(const u8 *eph_key, size_t eph_key_size,
> > >                                                               sw_secret_size,
> > >                                                               GFP_KERNEL);
> > >     if (!sw_secret_buf)
> > >             return -ENOMEM;
> > >
> > > -   memcpy(eph_key_buf, eph_key_buf, eph_key_size);
> > > +   memcpy(eph_key_buf, eph_key, eph_key_size);
> > >     desc.args[0] = qcom_tzmem_to_phys(eph_key_buf);
> > >     desc.args[1] = eph_key_size;
> > >     desc.args[2] = qcom_tzmem_to_phys(sw_secret_buf);
> > >     desc.args[3] = sw_secret_size;
> > >
> > >
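Review bot: the changed memcpy() is the only line in this hunk that reads the caller's eph_key, so with the old self-copy (`memcpy(eph_key_buf, eph_key_buf, eph_key_size)`) the buffer whose physical address is placed in desc.args[0] was never filled from the caller's key, and firmware was handed whatever the allocation contained. The replacement source `eph_key` is correct. When this is folded into the series, any sibling helper that follows the same copy-into-tzmem pattern deserves a check for the same source/destination mix-up, and the commit message should say that the wrong buffer contents were sent to firmware, since that is what the reported EINVAL from the SCM call points to.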
> >
> > That's better, thanks. Now it's fscryptctl set_policy that fails like this:
> >
> > ioctl(3, FS_IOC_SET_ENCRYPTION_POLICY, 0xffffcaf8bb20) = -1 EINVAL
> > (Invalid argument)
> >
>
> Yes, as I mentioned I decided to drop the new encryption policy flag and go back
> to just relying on the key.  I assume you were using
> https://github.com/ebiggers/fscryptctl/tree/wip-wrapped-keys?  I have pushed out
> an updated version of that that should work.
>
> - Eric

Thanks, with that and the memcpy() fix:

Tested-by: Bartosz Golaszewski <bartosz.golaszewski@xxxxxxxxxx> # sm8650




